Can't upgrade procps in LXC 1.1
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
procps (Ubuntu) | Fix Released | High | Stéphane Graber |
Precise | Fix Released | High | Stéphane Graber |
Trusty | Fix Released | High | Stéphane Graber |
Utopic | Fix Released | High | Stéphane Graber |
Vivid | Fix Released | High | Stéphane Graber |
Bug Description
== SRU ==
Rationale:
sysctl now fails with current LXC as files which shouldn't be written to in containers are read-only. A previous fix applied to the EACCES case as returned by AppArmor.
Test case:
start procps
Regression potential:
All EROFS write failures will now be ignored (an error is still logged) but I can't think of a case where that'd be a bad thing.
Original bug report:
LXC 1.1 on vivid has started giving privileged containers a read-only /sys, which prevents Ubuntu's procps Upstart job from starting. This isn't normally too problematic, except that the weekend's procps SRU's postinst tries to start the job and causes the upgrade to fail.
Disabling the procps postinst makes apt usable again.
root@wgrant-local-machine-1:/# tail /var/log/upstart/procps.log
sysctl: setting key "kernel.kptr_restrict": Read-only file system
sysctl: setting key "fs.protected_hardlinks": Read-only file system
sysctl: setting key "fs.protected_symlinks": Read-only file system
sysctl: setting key "kernel.sysrq": Read-only file system
sysctl: setting key "net.ipv4.conf.default.rp_filter": Read-only file system
sysctl: setting key "net.ipv4.conf.all.rp_filter": Read-only file system
sysctl: setting key "kernel.yama.ptrace_scope": Read-only file system
sysctl: setting key "vm.mmap_min_addr": Read-only file system
sysctl: setting key "net.ipv6.conf.all.use_tempaddr": Read-only file system
sysctl: setting key "net.ipv6.conf.default.use_tempaddr": Read-only file system
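
The error handling described in the SRU rationale, sketched as an added example (this is not the procps patch and not code from this bug report): a sysctl write that logs every failure but treats only EACCES and EROFS as non-fatal. The names `set_sysctl`, `errno_is_ignorable`, the `SET_*` codes and the `root` parameter are hypothetical, and the key-to-path mapping covers only the simple dot-to-slash case.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

enum { SET_OK = 0, SET_IGNORED = 1, SET_FAILED = -1 };

/* Errors that mean "this container may not change the setting", per the SRU
 * text: EACCES (AppArmor denial) and EROFS (read-only /proc/sys). */
static int errno_is_ignorable(int err)
{
    return err == EACCES || err == EROFS;
}

/* Write value to the sysctl key below root (normally "/proc/sys").
 * root is a parameter (assumption) so the function can run on a scratch dir. */
static int set_sysctl(const char *root, const char *key, const char *value)
{
    char path[512];
    int n = snprintf(path, sizeof path, "%s/%s", root, key);
    if (n < 0 || (size_t)n >= sizeof path)
        return SET_FAILED;
    /* kernel.sysrq -> kernel/sysrq; only the key part is rewritten */
    for (char *p = path + strlen(root) + 1; *p; p++)
        if (*p == '.')
            *p = '/';

    FILE *f = fopen(path, "w");
    int err = f ? 0 : errno;
    if (f) {
        if (fputs(value, f) == EOF)
            err = errno;
        if (fclose(f) == EOF && !err)   /* buffered write errors surface here */
            err = errno;
    }
    if (!err)
        return SET_OK;
    /* Always log, in the same shape as the procps.log lines above. */
    fprintf(stderr, "sysctl: setting key \"%s\": %s\n", key, strerror(err));
    return errno_is_ignorable(err) ? SET_IGNORED : SET_FAILED;
}

int main(int argc, char **argv)
{
    if (argc != 4)
        return 2; /* usage: ROOT KEY VALUE */
    return set_sysctl(argv[1], argv[2], argv[3]) == SET_FAILED;
}
```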